Latest Stories

Three IT challenges to watch for in 2013

The global information systems organization ISACA is urging
businesses to prepare for tough decisions in the year ahead in three
areas: data privacy, cloud computing, and increasingly complex
cyber-threats.

Interest in private or hybrid (public/private) cloud solutions is
expected to grow because of information security concerns, according
to ISACA.

Meanwhile, cybersecurity threats are expected to continue to become
more sophisticated and pose threats to consumer data and international
supply chains.

And consumer and employee concerns about data privacy are growing,
according to ISACA.

“Privacy by design, confidentiality of location-based information,
the consumerization of IT, and an increase in legislative and
regulatory mandates that will drive more privacy audits are among the
top 2013 trends in data privacy that ISACA anticipates will need to be
addressed,” Greg Grocholski, ISACA’s international president, said in
a news release.

This is the state of IT as 2013 is set to begin. Cloud computing,
though associated with risks, provides an opportunity for
efficiencies, and employees armed with smartphones need access to data
to accommodate their flexible work schedules.

The experience of New Jersey-based CPA firm WithumSmith+Brown during
Hurricane Sandy late in 2012 demonstrated the value that cloud
computing can bring to a business. Business interruption was minimal
because the firm had moved mission-critical applications to the cloud
and employees could get access to necessary data as long as they could
get to a location with power and an internet connection.

“I attribute our ability to continue as a firm, to operate without
any issues, to the fact that we’ve embraced the whole cloud concept,”
firm partner Jim Bourke, CPA/CITP/CFF, CGMA, said in November.

Because of such benefits, cloud use is increasing. Seventy-six
percent of organizations polled in the United Kingdom that are using
cloud services expect to increase their use over the coming year,
according to a Cloud Industry Forum whitepaper. Among those not using
cloud-based services, 26% said they plan to adopt them within the next
12 months. Overall, 59% of organizations are in or headed to the
cloud, according to Ernst
& Young’s 2012 Global Information Security Survey, up from
44% in 2011.

In a September
survey of AICPA members in public accounting firms, 11% of
respondents said that their firms exclusively use cloud-based
applications, infrastructure, and platforms for their technology
needs. Another 33% said that they use business-grade cloud
solutions—such as accounting, bill management, or payroll
applications—in certain areas of their practice. Nearly 10% of those
not using cloud services are actively planning to adopt cloud
technology, while 46% are planning to remain cloud free.

Asked what they saw as the biggest barriers to adopting or expanding
cloud technologies, more than 60% of the AICPA survey respondents
pointed to security concerns, although more than 85% said they are
very or reasonably confident in their cloud vendors in the event of a
data breach or security problem. The next most frequently cited cloud
concerns were change management (43%) and skepticism about how much
value the cloud provides (42%).

Public versus private clouds

Sixty-nine percent of North American respondents, 68% of European
respondents and 63% of Asia Pacific respondents in ISACA’s 2012 IT
Risk/Reward Barometer survey said the risks of using public cloud
services—where resources are hosted and managed outside company
firewalls—outweigh the benefits.

But the private cloud, where resources are available within the
corporate firewall, was more widely accepted, with 57% of respondents
in North American, Europe, and Asia saying the benefits of using the
private cloud outweigh the risks.

Hybrid public/private clouds drew more mixed responses, with 45% of
North American, 44% of European, and 53% of Asian respondents seeing a
reasonable balance between the risks and rewards. In a hybrid cloud,
an organization manages some functions internally and contracts with a
vendor to provide other resources externally.

Interest in private or hybrid cloud solutions will grow over the
next 12 months because of information security concerns, according to
ISACA. These concerns are expected to grow, partly as a result of
greater use of “personal” clouds, which allow users to manage their
own data and sync data between multiple devices (such as Dropbox or iCloud).

Despite the risks, research shows that companies often are not
conducting certain testing procedures with respect to cloud computing.
Although 84% of CIOs said they are concerned or very concerned about
risks associated with IT security breaches, and security issues are a
significant concern among CIOs about using the cloud, less than 45%
test cloud vendors’ security systems and procedures, according to a
U.K. survey by global consulting firm Protiviti.

And 41% of cloud-using respondents in the Cloud Industry Forum
survey said they had not conducted a trial use of services before
contracting with a cloud service provider.

Ryan Rubin, Protiviti’s U.K. director of risk consultancy, said in a
news release that CIOs are not always involved in the decision to
procure cloud services, and therefore their ability to carry out
effective due diligence is limited.

“Whilst companies may migrate IT towards cloud providers in an
attempt to reduce costs, they cannot outsource their information
security risks,” Rubin said. “Unless adequately managed, the cost of
security breaches—either regulatory or legal—may outweigh the
perceived benefits of moving into the cloud.”

Cyber-threats

ISACA cites viruses that send unsolicited emails and attack websites
and search engine poisoning—where users are sent to fraudulent
sites—among the sophisticated tactics that are causing IT challenges.
Jeff Spivey, ISACA’s international vice president, said in a news
release that as more devices use IP addresses, cyber-threats will increase.

ISACA recommends management confront cyber-threats through efforts
in areas including awareness, prevention and detection as well as
incident and crisis management.

TAX NEWS

President Barack Obama signed legislation that retroactively extended more than 50 expired tax provisions for 2014, allowing taxpayers to take advantage of a host of tax incentives during this filing season.

A weekly snapshot of global accounting with news from the Journal of Accountancy and other leading accounting publications. It includes summaries of what matters to you, written by expert editors to save you time and keep you informed and prepared.